From owner-freebsd-hackers  Thu Aug  2 15: 9:43 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163])
	by hub.freebsd.org (Postfix) with ESMTP
	id 8474B37B401; Thu,  2 Aug 2001 15:09:38 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter (localhost [127.0.0.1])
	by critter.freebsd.dk (8.11.4/8.11.4) with ESMTP id f72M9Qx93102;
	Fri, 3 Aug 2001 00:09:26 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: Andre Oppermann <oppermann@telehouse.ch>
Cc: freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG
Subject: Re: 303,000 routes in kernel 
In-Reply-To: Your message of "Fri, 03 Aug 2001 00:03:43 +0200."
             <3B69CE3F.1BCCB280@telehouse.ch> 
Date: Fri, 03 Aug 2001 00:09:26 +0200
Message-ID: <93100.996790166@critter>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

In message <3B69CE3F.1BCCB280@telehouse.ch>, Andre Oppermann writes:

>The problem I've got now is that for every packet I get the kernel is
>making one host entry in the routing table. Because of the many UDP
>DNS requests from all over the world I've got 303'000 (yes, three-
>hundredthreethousand) entries in the kernel routing table which have
>not expired yet. So I'm getting error messages like this now:

Hmm, I wasn't aware that we cloned routes for UDP packets, are you sure
that is what is causing the routes to exists ?   (Just to mention the
obvious: it's not CodeRed probes ?)

You can tweak the route behaviour with some sysctls:

Notably:
	net.inet.ip.rtexpire: 473
	net.inet.ip.rtminexpire: 10
	net.inet.ip.rtmaxcache: 128

There's probably also a detailed explanation what they do somewhere...

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message